Knowledgebase: Manage Permissions
how to manage contextual roles
Posted by Jean-jacques Jouanneaux on 19 November 2012 04:24 PM

Question :

I am working on an application now that has a fixed set of permissions. Items like “Add Property”, “Edit Property”, “Add Contact”, etc

The application itself is partitioned by divisions within our company: “USA”, “Managed”, “Panama”, etc

When the user logs in, he selects which division he will working in. Based on the division selected, his roles (permission sets) could be different. E.g. in “USA” he might be “Property Admin” with edit rights to properties, but in “Panama” he has read only access, and in “Managed” he has a denied property access

What is the best way using visual guard to define this common set of permissions and roles then split the user/role relationship by division inside a single application scope. I can easily see how to do in via separate applications, I just want to reuse the role/permissions to minimize the having to manage multiple several applications.

This will be an increasingly common scenario for us in other applications as we continue to grow.

Kevin White
Answer :
By default, we would suggest the following solution:
1. create a VG Group for each division in your company. 
2. Create roles containing your sets of permissions
3. Grant roles to VG Groups
4. place each user in one or several VG Groups
5. Modify your login form, so that users can select one VG Group
6. Load and apply the permissions corresponding to this group

Steps 5 & 6 would imply a few lines of code and making calls to VG APIs to get the list of role and apply the right set of permissions to the current user.

(0 vote(s))
Helpful
Not helpful

Comments (0)
Help Desk by Novalys